EU Regulators Investigate OKX Exchange After Bybit Hack Raises Money Laundering Concerns

European Union (EU) regulators are intensifying their focus on OKX, a major cryptocurrency exchange, following revelations that hackers exploited its Web3 platform to launder roughly $100 million in stolen digital assets. The funds were pilfered during a staggering $1.5 billion heist targeting Bybit, a rival trading platform, in what has been dubbed the largest and most intricate crypto hack to date.

According to sources familiar with the matter, who spoke on condition of anonymity to Bloomberg, national watchdogs from the EU’s 27 member states convened on March 6, 2025, under the auspices of the European Securities and Markets Authority’s Digital Finance Standing Committee to address the issue. The spotlight has fallen on OKX’s Web3 service, a decentralized finance platform marketed as a self-custodial wallet connecting traders to multiple blockchains and exchanges.

The Bybit breach, attributed to North Korean hackers, exposed critical weaknesses in the cryptocurrency ecosystem, with the perpetrators swiftly funneling stolen ETH through decentralized platforms and cross-chain bridges. Bybit’s analysis points to OKX’s Web3 service as a key conduit for laundering a portion of the haul, prompting regulators to question whether this platform falls under the EU’s newly implemented Markets in Cryptoassets (MiCA) framework, which took full effect late last year. The deliberations center on whether OKX could face penalties if its Web3 operations are deemed within MiCA’s scope, a matter complicated by the platform’s integration into OKX’s broader ecosystem, including its website and terms of use tied to an OKX Singapore entity.

Regulatory Response and MiCA Implications

The scrutiny comes at a pivotal moment for OKX, which has positioned itself as a heavyweight in the crypto space since its founding in 2017. Based in the Seychelles, the exchange boasts trading in over 300 cryptocurrencies, including Bitcoin and Ethereum, and reported 53 million individual wallets created on its Web3 platform by July 2024. While fully decentralized platforms are exempt from MiCA, regulators from nations like Austria and Croatia argue that OKX’s Web3 service, with its centralized features, should be subject to the bloc’s rules. A presentation at the March 6 meeting underscored this view, noting the platform’s direct linkage to OKX’s main operations and raising the possibility of sanctions violations tied to North Korea’s Lazarus Group.

OKX has pushed back against the allegations, calling claims of its involvement in money laundering “inaccurate and preposterous” in a statement to Bloomberg. The exchange emphasized its cooperation with Bybit to track and block suspect wallet addresses while asserting compliance with local laws and regulatory inquiries. Yet the pressure is mounting. Some EU regulators have urged the European Banking Authority and ESMA to intervene, even suggesting that Malta, where OKX secured a MiCA pre-authorization in January 2025, consider revoking the exchange’s license to operate across the European Economic Area. Malta’s financial authority has scheduled discussions with OKX leadership but has not committed to formal action.

The situation is further complicated by OKX’s recent legal troubles. In February 2025, the exchange admitted guilt in the U.S. for processing over $1 trillion in unlicensed transactions, agreeing to pay more than $504 million in penalties. As the EU navigates its transition to MiCA, the OKX probe underscores the challenges of regulating a fast-evolving industry where innovation often outpaces oversight.